Vulnerability Reporting Lead

Citi

Location:
Hungary, Budapest

Contract Type:
Not provided

Salary:

Not provided

Job Description:

Within CISO, the Vulnerability Operations Team is responsible for managing and improving the Vulnerability Management Process globally, providing oversight and coordination for the highest criticality vulnerabilities (GEMs), and for managing the vulnerability lifecycle for technology products owned within the Chief Information Security Office (CISO). The Vulnerability Operations team was recently formed to lead the operational response to the most critical cybersecurity vulnerabilities, known as GEMs, and to drive tactical and strategic improvements to the Vulnerability and Threat Management Process. Operational response efforts include end-to-end oversight of the data flow and GEMs/potential GEMs, escalations for past-due vulnerabilities, and providing stakeholders with actionable data and dashboarding to aid in the visualization of risk and the remediation efforts needed.

Job Responsibility:

  • Drive vulnerability reporting and engagement program enhancements
  • Rationalize tooling and initiatives for vulnerability lifecycle management and reporting
  • Develop relationships with sectors to resolve aging critical vulnerabilities on assets within Citi
  • Prioritize various business requirements for enhancements to vulnerability management program
  • Analyze data to identify trends, opportunities and deliver audit/regulatory deliverables
  • Work with vulnerability lifecycle managers, Asia and Europe-based operations and application support teams to analyze requirements, design and develop specs and manage data which supplies information to all vulnerability threat reporting and analysis
  • Lead Europe-based level one support team, responsible for basic troubleshooting and providing clarity to data consumers on steps required for vulnerability remediation
  • Implement identified process improvements

Requirements:

  • 5+ years in vulnerability management or information security reporting functions
  • Strong project management skills
  • Familiar with management of development items in Jira
  • Strong communication skills
  • Familiarity with Vulnerability Assessment tools, e.g., Nessus, Qualys, etc.
  • OS Security, e.g., Unix, Linux, Windows, Cisco, etc.
  • Web application infrastructure, e.g., Application Servers, Web Servers, Databases
  • Web development and programming languages i.e., Python, Perl, Ruby, Java, and/or .Net
  • Business Intelligence tools
  • SQL scripting and advanced Excel skills
  • Strong work ethic and a proactive mindset with ability to think “outside of the box” to solve problems
  • Fluency in English
  • Experience solving complex data flow challenges
  • Advanced knowledge of complex queries for data analysis
  • Experience with at least one coding language (PowerShell, Python, C#, etc.)
  • Experience in automation and optimization of repetitive processes and reporting
  • Bachelor’s degree/University degree or equivalent experience

What we offer:
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work-life balance
  • Career progression opportunities across geographies and business lines
  • Socially active employee communities with diverse networking opportunities

Additional Information:

Job Posted:
April 30, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work

Similar Jobs for Vulnerability Reporting Lead

Vulnerability Management Response Lead

The Vulnerability Response Lead is a key role within the Vulnerability Managemen...
Location:
Poland
Salary:
Not provided
HSBC
Expiration Date:
January 30, 2026
Requirements:
  • Minimum of 3-5 years’ experience in working in IT Security or similar role
  • Experience of working in roles within Cyber Security Operations, Risk Management, and Governance, within a mid to large enterprise or equivalent organisation
  • Ability to understand, apply, and improve elements of the Vulnerability Management Lifecycle and use multiple toolsets to convey information, obtain data, and make it meaningful to future plans
  • Lateral thinking and creative form to deploy expertise in the uplift of people skills, process identifications, and technological adjustments
  • Ability to recognise threats and risk, and act with insight to deliver a core part of the Cyber Security Operational model in HSBC
  • Ability to produce clear and concise reports for targeted audiences across internal and external stakeholders
  • Understanding and experience in the practical application and execution of Vulnerability scanning technologies and their application (e.g. Nessus, SAST/MAST/DAST (Checkmarx, Netsparker, Fortify, IBM AppScan, etc.), Tenable.io, Security Center (or similar Vulnerability Scanning products), risk consolidation platforms)
  • Vulnerability assessments, scoring and ratings and how they are applied
  • Patch Management
  • Business and architectural design, including controls analysis, process flows and data flows
Job Responsibility:
  • Support the remediation efforts of newly discovered vulnerabilities, where the risk score is deemed critical and an immediate risk to HSBC
  • Monitor external threat feeds and Cyber Intelligence Threat Analysis to identify any newly reported external risks
  • Manage the documentation of FRTF and ITAG initiatives and provide / identify expert advice & guidance on remediation approaches
  • Track and report on ITAG and FRTF initiatives, as well as produce closure reports for completed ITAGs and FRTFs
  • Follow operational processes and ensure that they provide the most streamlined and efficient method of operations, whilst identifying opportunities for improvement
  • Support thematic reviews to drive and systematic uplifts and enhancements to services that help protect the bank
  • Maintain operational documentation on what reports are available and how / where to access them
  • Conduct holistic reviews of the overall baseline security posture
  • Contribute to and inform requests from Regulators, Internal/ External Audit, and 2LOD challenges/ Papers
  • Support the commentary for routine governance submissions e.g. Cybersecurity Executive Committee Monthly Update, Risk Map, KCIs, KRIs
What we offer:
  • Competitive salary
  • Annual performance-based bonus
  • Additional bonuses for recognition awards
  • Multisport card
  • Private medical care
  • Life insurance
  • One-time reimbursement of home office set-up (up to 800 PLN)
  • Corporate parties & events
  • CSR initiatives
  • Nursery discounts
Employment Type:
Fulltime

Vulnerability Management Technical Lead

The role includes managing and optimizing vulnerability management workflows usi...
Location:
India, Bengaluru
Salary:
Not provided
Sopra Steria
Expiration Date:
Until further notice
Requirements:
  • 4 to 8 years of experience
  • engineering graduate - preferably B.E./B.Tech in IT or Computer Engineering
  • strong analytical skills
  • experience with security information and event management (SIEM) tools
  • ~5 years of experience in information security, specifically in end-to-end vulnerability management with 2-3 years hands-on Rapid7 experience
  • advanced degrees or certifications preferred
  • knowledge of current cybersecurity trends, threats, and techniques
  • understanding of regulatory requirements
  • ability to work independently and collaboratively
  • good interpersonal and communication skills
Job Responsibility:
  • ensure that Rapid7 is fully and effectively implemented
  • assist with design, implementation, and optimization of automated tagging workflows
  • build and refine InsightVM dashboards and reports for insights
  • integrate Rapid7 with external systems for accurate asset context and automated remediation ticket creation
  • collaborate with IT teams to reduce false positives and orphaned assets
  • implement and support scan scheduling and tuning
  • assist in risk acceptance workflows
  • troubleshoot scan and synchronization issues
  • drive process improvements in vulnerability management workflow
  • deliver security reports and presentations
What we offer:
  • inclusive and respectful work environment
  • positions open to people with disabilities
Employment Type:
Fulltime

Security Research Team Lead

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innova...
Location:
Israel, Netanya/Tel Aviv
Salary:
Not provided
JFrog
Expiration Date:
Until further notice
Requirements:
  • Vulnerability research experience in any of the following languages: Python, Node.js, Java, C, Go
  • 2+ years of code exploitation experience (ex. penetration testing in backend environments or web applications or binary exploitation)
  • 1+ years of team leading experience
  • 3+ years of Python programming experience
  • Experience in writing technical reports
Job Responsibility:
  • Research CVEs and one-day vulnerabilities from various coding languages and technologies, including PoC development
  • Define how to find exploitable vulnerabilities automatically & develop code that identifies the instances where a vulnerability is exploitable
  • Perform security research on various open-source technologies, frameworks, and libraries
  • Publish your findings about the research subjects mentioned above

Director, Vulnerability Management

The Director of Vulnerability Management takes full accountability for running t...
Location:
United States, Philadelphia
Salary:
Not provided
Comcast
Expiration Date:
Until further notice
Requirements:
  • 6-8 years experience of leading, mentoring, and growing high-performing teams within the vulnerability management domain
  • Proven experience managing vulnerability management programs at enterprise scale
  • Ability to respond quickly to emerging vulnerabilities and implement immediate remediation measures
  • Comfortable operating under high-pressure conditions with competing priorities
  • Strong technical expertise in vulnerability management platforms and scanning technologies
  • Executive presence with the ability to engage and influence senior leadership effectively
  • Expertise in reporting and metrics to drive accountability and transparency
  • Strong problem-solving and analytical skills to assess risk and develop mitigation strategies
  • Ability to lead complex projects and collaborate across multiple business units
  • Bachelor's Degree
Job Responsibility:
  • Leads projects, or delegates and supervises project leaders, for security initiatives involving the hardware and application systems
  • Leads and is accountable for scanning operations, data and metrics, and leading projects in the overall VM landscape
  • Maintain, configure and operate the vulnerability management platforms to optimal levels
  • A strong focus on reporting and metrics to ensure that risk is constantly being addressed and programs are in place to continuously improve the security posture of Comcast from a vulnerability management perspective
  • A strong and confident people leader that aligns to Comcast values and helps to coach, mentor and grow the team
  • Works in close alignment with internal Security Development Lifecycle (SDL) coaches and our security leads to help drive down vulnerabilities across the enterprise
  • Collaborates with other Information Technology departments and key business areas to ensure information security requirements are defined, documented, tested and delivered as part of project deliverables
  • Performs sophisticated analytical tasks to assess risk and determines strategies required to resolve issues, accurate technical security problems, or mitigate risk
  • Assists in the preparation of budgets and forecasts
  • Selects, develops and evaluates personnel to ensure efficient operations within department
What we offer:
  • Paid Time off
  • Physical Wellbeing benefits
  • Financial Wellbeing benefits
  • Emotional Wellbeing benefits
  • Life Events + Family Support benefits
Employment Type:
Fulltime

SecOps Lead

The Vulnerability Program Lead is part of our Security Operations (‘SecOps’) tea...
Location:
United States
Salary:
115000.00 - 120000.00 USD / Year
Radancy
Expiration Date:
Until further notice
Requirements:
  • Familiarity with vulnerability assessment tools and manual testing practices for Applications and Systems (Qualys, InsightVM, Metasploit, Burpsuite, Veracode)
  • 3+ years performing vulnerability management
  • Ability to plan, organize, prioritize and independently solve problems seeking help when necessary
  • Strong communication skills, very proactive and results oriented
  • Knowledge of software development processes and concepts
  • Understanding of OWASP, USCERT, NIST, ISO 27001/270002 a plus
  • Ability to meet deadlines
  • Proficient with Linux
  • Proficient with Microsoft Office
  • Ability to stay calm under pressure and the ability to set customer expectations and clearly follow through to meet them
Job Responsibility:
  • Managing vulnerability testing tools, scheduling and creating scans, working with tech teams to remediate issues
  • Lead a team of vulnerability analysts and coordinate with managed security service providers
  • Report on vulnerabilities and the overall health of the vulnerability management program
  • Document, prioritize and formally report asset and vulnerability state, along with remediation recommendations and validation
  • Working with clients to resolve public facing vulnerabilities in our applications and associated infrastructure
  • Regularly research and learn new TTPs in public and closed forums, and work with colleagues to assess risk and implement/validate controls as necessary
  • Create metrics for management reporting
  • Coordinate with internal and external auditors
  • Coordinate Security RFP responses
  • Maintain document repository and audit book
What we offer:
  • Comprehensive medical coverage, with dental, vision and life insurance
  • Competitive 401(k) plan with employer matching
  • Unlimited flexible time off (FTO)
  • World-class training that keeps you at the forefront of innovation
Employment Type:
Fulltime

Product Security Engineer

At Atlassian, we're motivated by a common goal: to unleash the potential of ever...
Location:
United States, San Francisco
Salary:
150700.00 - 206000.00 USD / Year
Atlassian
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s degree in Computer Science, Cybersecurity or related field
  • 24 months of experience working as Application Security Engineer, Product Security Engineer, or Penetration Tester
  • experience in application security tooling such as BurpSuite Pro, Postman, Docker, Command Line Interface (CLI) tools, Nmap, and Metasploit
  • understanding and coding common programming languages such as Java, Python, or Go
  • penetration testing, vulnerability assessment, composing and generating vulnerability reports
  • administering and managing Jira project
  • data analysis and data visualization tooling such as Tableau and Databricks
  • code versioning tools such as Bitbucket Cloud and GitHub
  • must pass technical interview
Job Responsibility:
  • Evaluate submissions from security researchers to bug bounty program, assess the impact of each vulnerability, and communicate with the researcher community to help obtain additional details that may be helpful to engineering teams as they work to remediate the issues
  • drive improvement to the policies, processes, and automation to make bug bounty programs effective and ensure to get the most accurate information about each vulnerability to the proper engineering team as quickly as possible
  • work on vulnerability management improvements on processes, policies and standards
  • make sure the company's products and services are safe and secure, the internal vulnerability management workflow is accurate and up to date
  • identify vulnerabilities at scale and help engineering teams systematically remediate them
  • work on securing open-source supply chain
  • interact with some of the world’s leading security researchers through bug bounty program
  • build cutting edge tools to help identify and remediate vulnerabilities at scale
  • work with web application security and a strong ability to work with colleagues to develop and build solutions to help us scale in order to be successful in this role
  • read and write code
What we offer:
  • health and wellbeing resources
  • paid volunteer days
Employment Type:
Fulltime

Head of cyber threat exposure and attack surface management

Lead the enterprise-wide Continuous Threat Exposure Management (CTEM) strategy, ...
Location:
United Kingdom, Knutsford
Salary:
Not provided
Barclays
Expiration Date:
Until further notice
Requirements:
  • Experience in cybersecurity with direct exposure to vulnerability management, red teaming, or threat exposure reduction
  • Proven track record leading programs integrating CSPM, SSPM, ASM, BAS, or exposure correlation technologies
  • Strong understanding of attack paths, adversary emulation, and continuous validation concepts
Job Responsibility:
  • Own and drive the global CTEM strategy, establishing a continuous, threat-driven exposure management lifecycle aligned with NIST, MITRE, and CISA Secure-by-Design principles
  • Lead and develop a high-performing CTEM team, fostering collaboration, technical excellence, and an outcome-driven culture
  • Integrate and oversee key exposure management technologies, including Cloud Security Posture Management (CSPM), SaaS Security Posture Management (SSPM), Attack Surface Management (ASM), Breach & Attack Simulation (BAS), and other exposure correlation platforms
  • Correlate assets, identity, vulnerability, and configuration to identify high-impact, exploitable attack paths and inform prioritized remediation strategies
  • Collaborate with Application Security, Vulnerability Management, Red Team, and Security Operations to synchronize discovery, validation, and remediation of exposures across the enterprise
  • Align CTEM outputs with real-world adversary behaviors, leveraging Red Team and Threat Intelligence input to validate attack paths and focus on exploitable conditions
  • Drive automation and AI-enabled analytics to continuously map, assess, and measure reductions in the organization’s attack surface
  • Translate technical findings into business risk language, enabling senior leadership and risk committees to make data-driven investment decisions
  • Define and lead CTEM governance and operating models, ensuring exposure assessments, validation, and remediation tracking are embedded in operational processes
  • Establish clear KRIs and maturity metrics that demonstrate continuous improvement in visibility, validation, and response effectiveness
What we offer:
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
Employment Type:
Fulltime

Senior Audit Manager – Operational Resilience

The Senior Audit Manager is a senior-level management position responsible for m...
Location:
Canada, Mississauga
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • 10+ years of experience in a related role
  • Suitable Internal Audit Experience from a highly regulated industry
  • Audit experience in Operational Resilience and demonstrated ability to lead complex Operational Resilience engagements including assessment of important business services, impact tolerances, resource mapping and vulnerabilities identification and tracking
  • Experience of leading Audit team through audit engagements
  • Experience in business, functional and people management
  • Related certifications (CIA, CISA, CISSP, CRISC, or similar) preferred
  • Proven ability to execute concurrently on a portfolio of high-quality deliverables according to strict timetables
  • Demonstrated ability to implement continuous improvement and innovation in audit tools and techniques
  • Strong stakeholder management skills
  • Effective negotiating, influencing and relationship management skills
Job Responsibility:
  • Manage a team of Internal Audit professionals, recruit staff, lead professional development, build effective teams and manage a budget
  • Deliver audit reports, Internal Audit and Regulatory issue validation and business monitoring and governance committee reports
  • Lead reviews for all types of reviews, including the most complex, and review and approve Business Monitoring Quarterly Summaries
  • Participate in major business initiatives and pro-actively advise and assist the business on change initiatives
  • Implement integrated auditing concepts and technology, and follow trends in the Audit field and adapt them for the Audit function
  • Identify solutions for a variety of complex and unique control issues, utilizing complex judgement and sophisticated analytical thought
  • Analyze report findings, and recommend interventions where needed, proposing creative and pragmatic solutions to risk and control issues
  • Partner with Directors and Managing Directors to develop approaches for addressing broader corporate emerging issues
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of others and create accountability with those who fail to maintain these standards
Employment Type:
Fulltime